mirror of
https://gitee.com/bianbu-linux/linux-6.6
synced 2025-07-01 23:53:16 -04:00
Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull execve updates from Eric Biederman: "Last cycle for the Nth time I ran into bugs and quality of implementation issues related to exec that could not be easily be fixed because of the way exec is implemented. So I have been digging into exec and cleanup up what I can. I don't think I have exec sorted out enough to fix the issues I started with but I have made some headway this cycle with 4 sets of changes. - promised cleanups after introducing exec_update_mutex - trivial cleanups for exec - control flow simplifications - remove the recomputation of bprm->cred The net result is code that is a bit easier to understand and work with and a decrease in the number of lines of code (if you don't count the added tests)" * 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (24 commits) exec: Compute file based creds only once exec: Add a per bprm->file version of per_clear binfmt_elf_fdpic: fix execfd build regression selftests/exec: Add binfmt_script regression test exec: Remove recursion from search_binary_handler exec: Generic execfd support exec/binfmt_script: Don't modify bprm->buf and then return -ENOEXEC exec: Move the call of prepare_binprm into search_binary_handler exec: Allow load_misc_binary to call prepare_binprm unconditionally exec: Convert security_bprm_set_creds into security_bprm_repopulate_creds exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds exec: Teach prepare_exec_creds how exec treats uids & gids exec: Set the point of no return sooner exec: Move handling of the point of no return to the top level exec: Run sync_mm_rss before taking exec_update_mutex exec: Fix spelling of search_binary_handler in a comment exec: Move the comment from above de_thread to above unshare_sighand exec: Rename flush_old_exec begin_new_exec exec: Move most of setup_new_exec into flush_old_exec exec: In setup_new_exec cache current in the local variable me ...
This commit is contained in:
commit
15a2bc4dbb
27 changed files with 501 additions and 387 deletions
|
@ -140,7 +140,7 @@ extern int cap_capset(struct cred *new, const struct cred *old,
|
|||
const kernel_cap_t *effective,
|
||||
const kernel_cap_t *inheritable,
|
||||
const kernel_cap_t *permitted);
|
||||
extern int cap_bprm_set_creds(struct linux_binprm *bprm);
|
||||
extern int cap_bprm_creds_from_file(struct linux_binprm *bprm, struct file *file);
|
||||
extern int cap_inode_setxattr(struct dentry *dentry, const char *name,
|
||||
const void *value, size_t size, int flags);
|
||||
extern int cap_inode_removexattr(struct dentry *dentry, const char *name);
|
||||
|
@ -276,7 +276,8 @@ int security_quota_on(struct dentry *dentry);
|
|||
int security_syslog(int type);
|
||||
int security_settime64(const struct timespec64 *ts, const struct timezone *tz);
|
||||
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
|
||||
int security_bprm_set_creds(struct linux_binprm *bprm);
|
||||
int security_bprm_creds_for_exec(struct linux_binprm *bprm);
|
||||
int security_bprm_creds_from_file(struct linux_binprm *bprm, struct file *file);
|
||||
int security_bprm_check(struct linux_binprm *bprm);
|
||||
void security_bprm_committing_creds(struct linux_binprm *bprm);
|
||||
void security_bprm_committed_creds(struct linux_binprm *bprm);
|
||||
|
@ -569,9 +570,15 @@ static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
|
|||
return __vm_enough_memory(mm, pages, cap_vm_enough_memory(mm, pages));
|
||||
}
|
||||
|
||||
static inline int security_bprm_set_creds(struct linux_binprm *bprm)
|
||||
static inline int security_bprm_creds_for_exec(struct linux_binprm *bprm)
|
||||
{
|
||||
return cap_bprm_set_creds(bprm);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int security_bprm_creds_from_file(struct linux_binprm *bprm,
|
||||
struct file *file)
|
||||
{
|
||||
return cap_bprm_creds_from_file(bprm, file);
|
||||
}
|
||||
|
||||
static inline int security_bprm_check(struct linux_binprm *bprm)
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue